Liberty Watch

    Dancing to Big Brother's Tune

From the BBC

Officials in a south Russian city are to impose restrictions on discos and attempt to "educate" DJs in an effort to improve public morality.

The new decree in Belgorod, 700km (400 miles) from Moscow, limits the kind of music which can be played as well as the kind of DJs permitted to play it.

Most Russians view discos simply as innocent fun. But officials in Belgorod consider them to be a potential danger to society, hotbeds of drugs, drink and debauchery.

Now the regional governor has ordered DJs to face the music and clean up their acts. He has imposed heavy restrictions on local discos or, as they are described in the decree, "mass cultural youth events". From now on, only music which is considered to be of a moral nature can be played. Recommended works include folk music, Russian and western classics.

Disc jockeys must have completed secondary education and they must know Russia's law on culture. Special courses will be organised to help DJs improve their qualifications.

As for the audience, from now on anyone boogieing in Belgorod would be well advised to take along a tape measure and a watch. According to the decree, there can be no more than two people dancing on one square metre and the music has to stop at 10pm.

It all smacks of Soviet-era control. Under communism, censors usually decided which songs could be played and which were too ideologically unsound. This is not the first time that officials in Belgorod have tried to raise the moral standing of society.

Early this year they launched a campaign to stop people swearing and encouraged police to fine anyone heard using "four-letter" words.

    450 Million Marked Men

From The Register

EU interior ministers are today likely to sign off regulations making fingerprinting a second compulsory biometric for passports. The latest proposed draft regulation will effectively overturn a decision made earlier this year to make only facial image compulsory, and fingerprint optional, and comes in the face of opposition from Sweden Finland, Estonia and Latvia, could not accept this re-opening of discussions on the second biometric identifier to become mandatory.

The UK has the ability to opt out, but has apparently been supporting a German proposal for a third, "optional" identifier - iris scan. The EU proposal, which can be read at Statewatch, here , ostensibly addresses compliance with ICAO and US requirements for biometric passports and the security of the passport itself.

These two basic of objectives of guarding against forgery or tampering, and linking the passport to the individual carrying it can be achieved simply by matching the document up against the individual's biometrics locally. And in fact this is currently the scenario where the preferred international standard of a facial image stands most chance of being reasonably effective, because you're doing a one-to-one rather than a one-to-many check. It is however intended that personal and biometric data will be held both on national databases and on a European Register of issued passports, to be used on the Schengen Information System and to be accessible by law enforcement agencies.

This central database has drawn strong objections on data protection grounds, with the Article 29 working party raising a fundamental objection to its establishment, and stressing that the sole purpose of the draft Regulation should be verification of the identity of the holder of the travel document which ought to be dealt with by storing biometric data in the travel document itself.

The addition of fingerprints to the passport's mandatory biometrics is meanwhile helpful from the UK Home Office's point of view, because although the draft regulation is specified as not applying to ID cards, the Home Office views its own plans for an ID system and passports as to all intents and purposes the same thing, with new passports being used initially to build critical mass for the ID system.

Statewatch editor Tony Bunyan notes that the latest moves mean that 450 million EU citizens will need to attend processing centres to have facial scans and be fingerprinted, and that the intrusion into personal privacy is "compounded by the failure to limit access to the data held and its further use for purposes other than checking on a persons' identity."

    Anti Social Policing

From Liberty

You are happily walking down the street on an April evening, having lost track of time whilst chatting to your friends.

You glance at your watch and realise that it is 9:05pm – 5 minutes past curfew! Looking up, you notice a police officer in the distance. Quickly turning, you see a police van coming round the corner on its patrol. You dash into a nearby alleyway, hoping neither spotted you…

A fictional scene? No. This is the experience of a 14-year-old in the town of Wigton in Cumbria, where a 9pm curfew for under-16s was imposed in the Easter holidays. And, with press suggesting similar schemes are being planned, curfews could soon be the norm right across the country.

Liberty believes that the imposition of a curfew on young people is unfair.

The police have a range of powers to deal with ‘anti-social behaviour’, but under-16s are now being treated like criminals just for being out of their homes past 9pm.

    Freer Singapore

From The Guardian

Singapore, a byword for big-brother authoritarianism, is to shake off its repressed image by adopting new measures to free up the lives of its citizens.

The city state has accepted 60 of the 74 steps that a special committee recommended last year to open up the tightly-controlled society and broaden people's horizons, local media reported yesterday.

But many of the "Remaking Singapore" measures will result in government agencies still dominating people's lives and some are little more than cosmetic, particularly with regard to the arts and freedom of expression.

Schools and colleges will have more flexibility in the students they accept, and rules for the registration of new societies and associations will be relaxed.

Buskers will no longer have to give their proceeds to charity, although they will still have to audition, and academics will be encouraged to participate in public policy debates.

But proposals to loosen public entertainment licensing regulations and establish a "free arts zone" where rules can be relaxed to facilitate free expression were rejected.

The minister for national development and head of the Remaking Singapore committee, Vivian Balakrishnan, was quoted in the Straits Times newspaper as saying the changes and shifts were "significant" but "at a pace [at] which we can carry the vast majority of Singaporeans".

The government's move comes amid continued recession and the luring away of companies by other countries in the region. In the future, the government will try to confine itself to specifying a negative list of undesirable, anti-social or illegal activities, Balakrishnan told the Guardian. Everything else will be fair game.

Some tangible changes have been introduced. Homosexuals are now welcome in the civil service; bar patrons can dance on table tops; nightclubs in certain areas can open 24 hours; the Rocky Horror Picture Show has had its first showing and the hit TV show Sex and the City and Cosmopolitan magazine will soon be available.

New economic pillars beyond the traditional hi-tech manufacturing and financial services are being built in the biotech, education and healthcare sectors. This is being done partly by attracting world-famous names to the island republic through larger investment budgets than are available elsewhere.

One of the foreign stars is Alan Colman, the Scottish scientist who cloned Dolly the sheep and is now undertaking stem cell research in an attempt to cure diabetes. He turned down offers in Britain and the US in favour of Singapore.

In many other respects Singapore is still "the fine city", so called because people can be prosecuted for trifling offences such as chewing the wrong sort of gum, jaywalking and not flushing the toilet.

    Spying on your Dirty Laundry

"Money laundering" is being used by the Government to justify all sorts of Big Brother controls on the way we spend our money. Just like the bollox, "National Security" it is bandied around as if they  expect us to say: "well that's all right then". It

From The Register

Two in three of UK businesses are failing to comply with new money laundering regulations.

As a result, company directors are leaving themselves open to legal action and a possible two-year jail sentence, a BT-commissioned study warns.

The Money Laundering Regulations , which came into effect last month, require UK businesses to prove the identity of their customers when handling cash transactions for goods of £15,000 or more. Companies also need to log these checks.

Although the majority of businesses claim to be aware of the new legislation (64%), nearly half of 150 execs quizzed by market research firm Coleman Parkes Research admit they do not have a defined and documented process in place for checking individuals’ identities.

There are marked variations in levels of compliance across different market sectors. Compliance is highest amongst financial services companies, with 62 per cent of stockbrokers and 55 per cent of Independent Financial Advisers (IFAs) already compliant. By comparison only three per cent of car dealers and 23 per cent of luxury good companies have checks in place.

More than one in four companies feel that the cost of compliance will mean certain transactions will have to be refused, and 13 per cent see it as a cost that will have to be passed on to customers.

Peter Gandy, head of Web Services at BT Global Services, said: Our research clearly highlights that organisations are confused about how to achieve compliance, and that there is a worrying lack of confidence in identity verification systems that are already in place.

Even some of those who have implemented identity authentication processes (40%) feel they could still be victims of money laundering.

    Gambling with Freedom

A new US Justice Department policy threatens to jail security professionals who help lock down online gambling sites anywhere in the world. For example, you're a computer security expert who's hired by an offshore casino in the Cayman Islands to develop a security and authentication technology. Your client is a licensed Cayman casino that has been operating for over 30 years, and wants to make a foray into online gaming.

You perform a standard security assessment, an architecture and code review, and help with firewall implementation and monitoring. With cheque in hand, you return to America and days, weeks or months later, the site goes active. A few weeks after that, you are visited by an FBI agent with a federal grand jury subpoena seeking records relating to your security work. Weeks after that, a knock on the door announces the arrival of deputy US Marshals with a warrant for your arrest.

US law generally makes it a crime if you are engaged in the business of betting or wagering and you knowingly [use] a wire communication facility for the transmission in interstate or foreign commerce of bets or wagers or information assisting in the placing of bets or wagers on any sporting events, or contest... This statute, 18 USC 1084, is called the "wire act" and has been applied for more than 70 years to go after offshore bookies who seek to evade US law by locating overseas.

However, Internet gambling is legalized in Liechtenstein, Gibraltar, Australia, New Zealand, Costa Rica, and a few Caribbean islands. So the first question is whether Internet gaming by a company in a country that permits it is a violation of US law. The US Justice Department argues that it is - and has the arrests and convictions (well, guilty pleas) to prove it. The theory is that entities that are in the business of betting or wagering (even where this is legal), who use international communications facilities like the Internet, and in some way "enter" or "affect" the United States or US citizens, are violating the Wire Act.

A recent New York Times article reports that US prosecutors are beginning to use the federal aiding and abetting statute to investigate and potentially prosecute those who, through perfectly lawful activities, assist online gaming companies that flout US law. This includes banks, broadcasters, ISPs and advertisers who help these casinos get their message out. The same net could easily snare information security professionals who, either deliberately or inadvertently, assist the gamers in their activities.

The criminal conspiracy statute, 18 U.S.C. 371, is known as "the prosecutor's friend" because of its talent for incarcerating people even tangentially connected to criminal activity. Yet even this statute requires the government to show an agreement to commit a crime. The aiding and abetting statute requires no such proof. It only requires the government to show that, with knowledge (express or implied) that a party intends to commit a crime, the defendant provided material support for that person.

And the punishment for aiding and abetting is the same as for committing the underlying crime. Applying this rationale to Internet crimes and information security professionals is a dangerous and inherently slippery slope. The information security professional who sets up a secure website for people to protest against Chinese occupation of Tibet runs the risk of criminal and capital punishment in China. The man who sets up the secure payment system for a Norwegian purveyor of dirty pictures may be prosecuted in the United States for a vicarious violation of US "indecency" laws.

    Watching the Government Watch your Speed

The article mentions safety and privacy but doesn't mention the opportunity for litigation and blame when recording the exact speed at the moment of impact.

From ZDNet UK

General Motors will begin installing new sensors and communications systems into vehicles next year that could save lives but will surely raise privacy concerns.

AACN is one of the car industry's most high-profile attempts to use telematics, the emerging field of dashboard-embedded communication devices, to help emergency dispatchers better understand the nature of an accident and determine what equipment or procedures medics might need to administer.

But privacy advocates and attorneys question whether the powerful system could become an agent for continual surveillance. Although drivers must agree to have the hardware installed and must pay $16.95 (£10) per month for service, privacy advocates worry that the data GM collects could fall into the hands of third parties that range from police or government agents to research firms trying to track consumer habits.

Lee Tien, a senior staff attorney for the Electronic Frontier Foundation, applauded GM for its effort to reduce car-related casualties. But he also said the technology could fall victim to "function creep" -- eventually morphing into a 24-hour surveillance system for authorities. This represents a very significant opportunity to track people in their cars. I'd be concerned not only that GM could have to turn in historical data it has collected under a court order or subpoena, but also whether eventually cops could use this technology to tap into a car's signal in real time.

GM executives insist that lawyers have carefully vetted AACN and they're betting that safety advantages will trump privacy issues for most consumers. In the 2006 model year, GM will provide it as a standard feature or option on all of its models. GM, which provides OnStar service for Lexus, Acura, Audi and Subaru brands, will also offer AACN to other manufacturers as an option or standard feature.

The technology hinges on a small computer embedded in the dashboard between the driver and passenger seats and called the Sensing Diagnostic Module -- what GM engineers call the "brains" behind AACN.

SDM receives input from other sensors throughout the vehicle, including those in side panels, seats and the engine area. It also records the number of occupants in the car at any given time, the vehicle's speed and the region of the vehicle that may have been hit.

In case of an accident, the SDM crunches an algorithm to determine the severity of impact, using a standard scale developed by the National Highway Traffic Safety Administration. The SDM then relays that information to an OnStar adviser, who may then phone an emergency medical technician, local hospital or 911 dispatcher.

A dispatcher might also warn medics that one or more occupants were children, who often require different-sized clamps or paddles in emergency procedures. Most new vehicles already have so-called suppression sensors in the seats to determine the weight of the occupants, chiefly to shield smaller occupants from the full force of an airbag release. In GM vehicles, people less than 90 pounds are considered to be children, and passengers more than 90 pounds are considered as adults.

Although few people doubt GM's intentions to help save lives, privacy advocates say the technology could have negative consequences. Lawyers say AACN could spark a number of interesting legal debates.

For instance, could a crash victim get the data to prove that he or she was driving within the speed limit -- but that the person who struck the car was driving too fast? If the data showed that a person frequently parked the car outside bars or off licences, then drove away at extreme speeds or swerved erratically, could that person be accused of drink-driving -- even if that person wasn't stopped by the police at the time?

David Sobel, general council for the Washington-based Electronic Privacy Information Centre, also had concerns about the nature of AACN registration. The feature is one of many services offered by OnStar, including automated stock quotes, driving directions and concierge services for ticket buying and restaurant reservations. Sobel said many people might opt for AACN because of safety perks but not be aware of the tracking function. Many people are likely to give consent in case of an accident, but the point is to make sure that the driver understands what data is being collected, what triggers the data collection and where it's reported.

GM executives said Wednesday they have no intention of selling the data collected by OnStar, or using it for nonemergency purposes. But Lange acknowledged that the data could leave GM if the company were subpoenaed. We do not release any information we collect, absent a direct, written authorization with the owner or some kind of court order to which we must respondBut privacy and integrity is very important to us .